Researchers Easily Slipped Weapons Past TSA’s X-Ray Body Scanners

Aug. 21, 2014
The Rapiscan Secure 1000 machines haven't been used in airports since last year, but the glaring vulnerabilities demonstrate how poorly the machines were tested before they were deployed to more than 160 American airports.

Two years ago, a blogger named Jonathan Corbett published a YouTube video that seemed to show a facepalm-worthy vulnerability in the TSA’s Rapiscan full-body X-ray scanners: Because metal detected by the scanners appeared black in the images they created, he claimed that any passenger could hide a weapon on the side of his or her body to render it invisible against the scans’ black background. The TSA dismissed Corbett’s findings, and even called reporters to caution them not to cover his video.

Now a team of security researchers from the University of California at San Diego, the University of Michigan, and Johns Hopkins plans to reveal their own results from months of testing that same model of scanner. And not only did they find that Corbett’s weapon-hiding tactic worked; they also found that they could pull off a disturbing list of other possible tricks, such as using teflon tape to conceal weapons against someone’s spine, installing malware on the scanner’s console that spoofed scans, or simply molding plastic explosives around a person’s body to make it nearly indistinguishable from flesh in the machine’s images.